Managing access permission to and authentication between devices in a network

ABSTRACT

An accessing method for providing access to a device connected to a network comprises, in a first application, authenticating a second application. The method also comprises, in the second application, requesting an action on a secure service provided by the device, based on the authenticating of the second application in the first application. The requesting an action on a secure service provided by the device may be performed after the first application has assigned an access permission to the secure service provided by the device to the second application. The action on a secure service provided by the device may include reading a password created in the device. The device may be a server device containing media files. The method may further comprise expiring the password after a first use.

CROSS-REFERENCE TO RELATED APPLICATIONS

Pursuant to 35 U.S.C. § 119(a), this application claims the benefit of earlier filing date and right of priority to Korean Application No. 10-2004-0044696, filed on Jun. 16, 2004, the contents of which are hereby incorporated by reference herein in their entirety.

FIELD OF THE INVENTION

The present invention relates generally to a networking system and, more particularly, to network access and authentication.

BACKGROUND OF THE INVENTION

High-end digital audio/video electronic appliances such as digital video disk (DVD) players and personal computers (PCs) are becoming increasingly popular. Accordingly, user demand has increased for communication between these and other appliances found in the home with an outside network. There has also been an increasing demand to provide consumers with the ability to control home appliances using a mobile apparatus, such as a personal direct access (PDA) device.

In an attempt to satisfy these demands, several types of home networks have been designed. For example, universal plug and play (UPnP) technology has been proposed as a technology to be used for home networking.

The UPnP architecture is a distributed, open networking architecture that leverages standard networking technologies, such as internet protocol (IP) and hypertext transfer protocol (HTTP) to accomplish data transfer between networked devices in the home or office. The UPnP architecture may be implemented independently from specific operating systems, platforms, and transmission media.

In operation of UPnP technology, service-providing devices (devices) in a network are discovered automatically. Each service provided by a network device is modeled as an action with state variables. The service is requested and invoked by other devices using a control point application. The control point application may be installed on a single UPnP device, which conducts other services as well, or may be installed on each of a plurality of UPnP devices.

The UPnP technology offers authentication and security functions necessary for establishing a secure channel between a control point application and devices in an UPnP network. The security function includes message identification, message authentication information (such as a sender's certificate), as well as message encryption.

FIG. 1 is a diagram illustrating a universal plug and play (UPnP) audiovisual (AV) network. Referring to FIG. 1, an AV media renderer 110 and an AV media server 120 are authenticated by an AV control point 130. After successful authentication, the media renderer 110 and the AV media server 120 may securely communicate with each other.

FIG. 2 is a diagram illustrating an UPnP network for supporting remote user interface. Referring to FIG. 2, an UPnP network includes a remote user interface (Remote UI) enabled control point 230, a Remote UI client 210 and a Remote UI server 220. The Remote UI client 210 and the Remote UI server 220 are authenticated by the Remote UI control point 230. After successful authentication, a secure channel between the Remote UI client 210 and the Remote UI server 220 is established for information exchange.

In the networks illustrated in FIGS. 1 and 2, it is preferred that the media renderer 110 (or 210) is authenticated by the media server 120 (or 220) for the media renderer 110 (or 210) to access contents in the media server 120 (or 220). Permission to access (access permission) the contents in the media server 120 (or 220) is assigned on a content by content basis or by a group of contents.

FIG. 3 is a diagram illustrating a procedure for authentication between a server and a client. Referring to FIG. 3, to enable authentication between devices which have not been specified in the UPnP specification, a password-based authentication may be used. A client device 310 sends an identification (ID) and a password to a server device 320 to acquire permission to access desired content on the server device 320.

However, the security of the communication channel described with respect to FIG. 3 is very weak as compared to a strong secure channel between control points and devices via UPnP security. The security weakness may allow the contents to be accessed by unauthorized devices in the network.

SUMMARY OF THE INVENTION

Accordingly, the present invention is directed to managing access permission to and authentication between devices in a network that substantially obviates one or more problems due to limitations and disadvantages of the related art.

An object of the present invention is to provide authentication between devices in an UPnP network via a secure control point application to establish a secure communication channel between the devices.

It is another object of the present invention to enable a control point application to invoke actions on secure services provided by a device in an UPnP network after secured authentication is completed.

It is another object of the present invention to provide setting and granting of access permission of each of a plurality of devices in an UPnP network and/or services provided by each of a plurality of devices, to each of a plurality of control points.

According to the present invention, after a security console application authenticates a control point application, the control point application may request an action by a secure service on a device in an UPnP network, based on authentication information generated by the security console application.

According to the present invention, after a security console application assigns access permission of a service on one device in an UPnP network to a control point application, the control point application may request an action by the service on the device.

Additional advantages, objects, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the invention. The objectives and other advantages of the invention may be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.

To achieve these objects and other advantages and in accordance with the purpose of the invention, as embodied and broadly described herein, in one embodiment, an accessing method for providing access to a device connected to a network comprises, in a first application, authenticating a second application. The method also comprises, in the second application, requesting an action on a secure service provided by the device, based on the authenticating of the second application in the first application.

The requesting an action on a secure service provided by the device may be performed after the first application has assigned an access permission to the secure service provided by the device to the second application. The action on a secure service provided by the device may include reading a password created in the device. The device may be a server device containing media files.

The method may further comprise expiring the password after a first use. The action on a secure service provided by the device may include writing a password to the device, the password being generated by the second application or received from outside the network. The device may be a server device containing media files or a client device requesting transfer of the media files to the server device.

In another embodiment, an authenticating method between a first device and a second device comprises, in a security application, authenticating a control application that conducts a control or inquiry action on the first device and the second device. The method also comprises, in the control application, inquiring for a password created by the first device and sending the password to the second device, based on the authenticating of the control application. The method also comprises, in the first device, comparing a password received from the second device against the password created by the first device, and authenticating the second device based on a result of the comparing of the passwords.

In yet another embodiment, an authenticating method between a first device and a second device comprises, in a security application, authenticating a control application that conducts a control or inquiry action on the first device and the second device. The method also comprises, in a control application, creating a password and sending the password to the first device and the second device based on the authenticating of the control application. The method also comprises, in the first device, comparing the password received from the control application against a password received from the second device, and authenticating the second device based on a result of the comparing of the passwords.

In still another embodiment, a networked apparatus including a plurality of devices comprises a first application configured to request a control or inquiry action on the plurality of devices or services provided by the plurality of devices, the first application running on one of the plurality of devices. The networked apparatus also comprises a second application communicatively coupled to the first application, configured to authenticate the first application, the second application running on one of the plurality of devices. The first application is configured to request an action on a secure service of a first device of the plurality of devices based on authentication information provided by the second application. The request of the action on the secure service by the first application may be performed after the second application assigns access permission to the secure service to the first application.

In yet another embodiment, a networked apparatus including a plurality of devices comprises a control application configured to request a control or inquiry action on at least one of the plurality of devices or at least one service provided by the at least one of the plurality of devices after being authenticated by a security application, and to create a first password. The networked apparatus also comprises a first device communicatively coupled to the control application, configured to create a second password. The networked apparatus also comprises a second device communicatively coupled to the first device, configured to receive the first password from the control application and to send the first password to the first device to request authentication. The first device authenticates the second device by determining whether or not the first password matches the second password.

In still another embodiment, a networked apparatus including a plurality of devices comprises a control application configured to request a control or inquiry action on at least one of the plurality of devices or at least one service provided by the at least one of the plurality of devices after being authenticated by a security application. The networked apparatus also comprises a first device communicatively coupled to the control application, configured to compare a password delivered from the control application through a password setting action of the control application against a password delivered from a second device, and to authenticate the second device based on a comparison result.

The foregoing and other objects, features, aspects and advantages of the present invention will become more apparent from the following detailed description of the present invention when taken in conjunction with the accompanying drawings. It is to be understood that both the foregoing general description and the following detailed description of the present invention are exemplary and explanatory and are intended to provide further explanation of the invention as claimed.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention.

FIG. 1 is a diagram illustrating a universal plug and play (UPnP) audiovisual (AV) network.

FIG. 2 is a diagram illustrating an UPnP network for supporting remote user interface.

FIG. 3 is a diagram illustrating a procedure for authentication between a server and a client.

FIG. 4 is a diagram illustrating a procedure for assigning access permission to a secure device to a control point application, at a security console application, according to an embodiment of the present invention.

FIG. 5 is a diagram illustrating a procedure for authentication between two secure devices via a control point application, according to an embodiment of the present invention.

FIG. 6 is a diagram illustrating a procedure for authentication between two secure devices via a control point application, according to another embodiment of the present invention.

FIGS. 7 to 9 are diagrams illustrating structures of actions for password-based authentication between a control point application and a secure device, according to various embodiments of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

Reference will now be made in detail to the preferred embodiments of the present invention, examples of which are illustrated in the accompanying drawings. Wherever possible, the same reference numbers will be used throughout the drawings to refer to the same or like parts.

FIG. 4 is a diagram illustrating a procedure for assigning permission to access a secure device 420 (access permission) to a control point application 410 by a security console application 400, according to an embodiment of the present invention.

Referring to FIG. 4, an exemplary procedure for how a control application, e.g., a control point 410, obtains access permission to actions on secure devices 420 in a universal plug and play (UPnP) network is described. To enable secure communication based on UPnP technology, an UPnP network is configured such that a secure device 420 has a DeviceSecurity service. A control point (control point application) 410 may invoke the DeviceSecurity service action.

Access permission to the secure device 420 may be granted to the control point 410 using a security console application (security console) 400 to send an access certificate specifying access permission to the secure device 420 for the control point 410. Alternatively, the control point 410 may be granted access permission to the secure device 420 by assigning an access authorization list to the secure device 420 that specifies what actions each control point is allowed to perform on the secure device 420. The access authorization list may be sent to each device in the UPnP network by the security console 400. Granting of access permission to the secure device 420 may be performed after the security console 400 has authenticated the control point 410 via the UPnP security. The authentication of the control point 410 by the security console 400 may be required to request and invoke secure actions on the UPnP devices. The authentication procedure may be similar to the authentication procedure conducted when a device is initially connected to the UPnP network, as described below.

The control point 410 and the security console 400 may be implemented in separate devices. Alternatively, the control point 410 and the security console 400 may be embedded in a single device, e.g., a media renderer for providing a media rendering service.

In one embodiment, in a procedure for granting access permission of UPnP devices by the security console 400, the secure device 420 may be connected to an UPnP network, and the security console 400 may detect the connection of the secure device 420 to the UPnP network. The security console 400 may then request a user to enter information required to determine the owner of the secure device 420. In response to the request from the security console 400, the user may enter the information into the security console 400 by, for example, referencing ownership information on a manual or a label on the secure device 420. Upon receipt of the ownership information from the user, the security console 400 may send the ownership information to the secure device 420. The secure device 420 may determine whether or not the ownership information received from the security console 400 is correct. That is, the secure device 420 may determine whether the received ownership information matches the ownership information stored in the secure device 420. If the ownership information is correct (matches), the security console 400 may become owner of the secure device 420. The security console 400 may perform a series of authentication processes including exchanging and sharing signer information and encryption keys. In so doing, the security console 400 may gain full access permission of the device 420.

In another embodiment, after the device 420 is initially authenticated by the security console 400, the security console 400 may assign access permission of the secure device 420 to the control point application 410.

In yet another embodiment, access permission is sent to the control point 410 by the security console 400. A user may enter access permission information via a user interface (UI) provided in the security console 400. The access permission information may specify access permission to the secure device 420, or action on services (secure services) provided by the secure device 420, for each control point. Based on the access permission information, the security console 400 may send an access certificate to all control points running in the UPnP network, including the control point 410 (S401). The access certificate may include an identification of the security console (as a signer), a sign date, keys for encryption/decryption, and access permission to the secure device 420 or actions on the services provided by the secure device 420. Actions on the services provided by the secure device 420 may include, for example, a read-mode, a write-mode, and a requestable mode, such as, for example, rights to read and/or write the device state and the types of actions requested.

The access certificate may be stored in the control point 410. The access certificate may be sent from the control point 410 to the secure device 420 to invoke an action on secure services provided by the secure device 420 (S402). For example, when read-only mode is set in the access certificate, if the control point 410 requests an action requiring a write operation, the secure device 420 may decrypt the access certificate using, for example, a public key. The secure device 420 may then deny the request for an action requiring a write operation by the control point 410, because the write action was not authorized by the access certificate. Thus, requests for actions not authorized by the access certificate may be rejected by the secure device 420. Furthermore, actions provided by the secure device 420 are inaccessible to control points not listed in the access permission information because such control points do not have an appropriate access certificate to send to the secure device 420. The secure device 420 may deny action requests not accompanied by an appropriate access certificate. Thus, the sending of an appropriate access certificate to a control point may serve as the authentication process for the control points.

In still another embodiment, an access authorization list is sent to the secure device 420 for the granting of access permission to the secure device. A user interface (UI) provided in the security console 400 may allow a user to enter access permission information that specifies, for each of a plurality of control points, access permission to the secure device 420 or services provided by the secure device 420. Based on the access permission information, the security console 400 may compose and send an access authorization list 450 to the secure device 420 via UPnP security (S410). Each entry in the access authorization list 450 may correspond to each of the plurality of control points and may specify access permission to the secure device 420 or a set of services provided by the secure device 420.

In the embodiment, sending an access certificate from a control point to a desired device to request an action provided by the device, or a service provided by the device, may not be required. The secure device 420 may receive a request of action from the control point 410, and may determine whether or not the action requested by the control point 410 is allowable, based on the access permission of the control point 410 specified in the access authorization list. The secure device 420 may then reject or accept the action based on a result of the determination, accordingly.

Control points with no access permission to the secure device 420 may not be specified in the access authorization list 450. Control points that are not specified in the access authorization list 450 are preferably not capable of invoking an action on the secure device 420 or on a service provided by the secure device 420.

Thus, for a control point to request an action on the secure device 420 or a service on the secure device 420, an appropriate access permission may be designated by the security console 400. The appropriate access permission may be the access authorization list.

In yet another embodiment, a procedure in which the control point 410 requests invocation of an action provided by the secure device 420 via UPnP security includes establishing a secure communication channel between the control point 410 and the secure device 420 by, for example, exchanging private and public keys. When the control point 410 invokes an action provided by the secure device 420, an action request may be digitally signed or encrypted using the private key. The action request may then be sent to the secure device 420 as an argument of a DecryptAndExecute action. The secure device 420 may also receive the action request and decrypt the argument of the DecryptAndExecute action using the public key.

With reference to granting access permission to control points for each of a plurality of devices via UPnP security, authentication methods for establishing communication between devices are described in detail below.

FIG. 5 is a diagram illustrating a procedure for authentication between two secure devices via a control point application, according to an embodiment of the present invention. FIGS. 7 to 9 are diagrams illustrating structures of actions for password-based authentication between a control point application and a secure device, according to various embodiments of the present invention.

Referring to FIG. 5, an embodiment of a one-time password-based authentication method between devices is described. As shown in FIG. 5, a secure channel is established via a control point, such as for example, an UPnP security enabled Remote UI control point 530, between a secure client device (client) 510 and a secure server device (server) 520. The secure client device 510 may be required to provide authentication to the server 520.

The server 520 may generate a one-time password (password) (S501). After authentication between devices is completed, the password may be invalidated or expire automatically to prevent non-secure connections. The UPnP security enabled control point 530 may receive the password as a ‘Secret’ argument (see FIG. 8) by invoking (requesting) a “GetSecret” action (see FIG. 7) (S502). In response to the request for the “GetSecret” action by the control point 530, the server 520 may send the one-time password to the control point 530. The one-time password may be kept as a state variable in the server 520. Therefore, the “GetSecret” action may read a state variable. The ‘Req’ mark (see FIG. 7) may imply that actions described with reference to FIG. 7 are required to enable authentication between devices via secure channels between a control point and UPnP devices.

The control point 530 may receive the one-time password from the server 520, and may transfer the password as a ‘Secret’ argument (see FIG. 9) to the secure client device 510 using a “SetSecret” action (see FIG. 7) (S503). The secure client device 510 may be, for example, a media renderer. The “SetSecret” action may set or change a state variable in response to the client 510 setting the password as its state variable. The requests of “GetSecret” and “SetSecret” actions may be encrypted with the private key and may be carried as arguments of the DecryptAndExecute action on the DeviceSecurity service provided by the secure client and server devices 510 and 520.

Upon receiving the password from the control point 530, the client 510 may forward the password to the server 520 (S504). The server 520 may determine whether or not to authenticate the client 510 by comparing the password received from the client 510 against the one-time password created by the server 520 (S505).

Thus, a secure channel may be established between the two secure devices 510 and 520 through creation of a one-time password by the server 520 and sending of the one-time password to the client 510 from the server 520, using a strong secure channel via the UPnP security enabled control point 530. The client device 510 may be authenticated in the server 520 by comparing the password sent from the client device 510 to the server 520 against the one-time password created by the server 520.

When the security console 400 sets access permission to the secure devices 510 and 520 for the control point 530 using the access authorization lists, in order for the control point 530 to invoke a GET action on the server 520 and a SET action on the client 510, access permissions by the control point 530 for the server 520 and the client 510 may be set to include at least a read-mode and at least a write-mode, respectively.

The access authorization lists of the two secure devices 510 and 520 may be set to provide the control point 530 with full access permission to invoke all actions on the services provided by the two secure devices 510 and 520. Alternatively, the access authorization lists may be constructed so that the “GetSecret” action is included in a list of accessible actions provided by the server 520 and the “SetSecret” action is included in a list of accessible actions provided by the client 510. The access authorization list of the secure devices 510 and 520 may be provided by a device vendor in the form of a profile.

FIG. 6 is a diagram illustrating a procedure for authentication between two secure devices via a control point application, according to another embodiment of the present invention.

Referring to FIG. 6, an UPnP security enabled control point 630 generates a one-time password (S601) and sends the password to a client 610 and a server 620 as a ‘Secret’ argument (see FIG. 9) using a “SetSecret” action (see FIG. 7) (S603, S602). Requests of a “SetSecret” action may be encrypted and carried as arguments of a DecryptAndExecute action on the DeviceSecurity service on the secure devices 610 and 620.

After receipt of the password from the control point 630, the client 610 may send the password to the server 620 (S604). The server 620 may determine whether or not to authenticate the client 610 by comparing the password received from the client 610 against the password received from the control point 630 (S605).

Thus, a secure channel may be established between two secure devices through creation of a password by a control point and sending the password to the two secure devices. Among the two secure devices, a client device may send the password to a server device, and the server device may authenticate the client device by comparing the password received from the client device against the password created by the control point.

In the embodiment, in order for the control point 630 to invoke SET actions on the server 620 and the client 610, access permissions by the control point 630 for the server 620 and the client 610 may be set to include at least a write-mode.

The access authorization lists of the two secure devices 610 and 620 may be set to provide the control point 630 with full access permission to invoke any actions on the services provided by the two secure devices 610 and 620. Alternatively, the access authorization lists may be composed such that the SetSecret action is included in accessible actions on the client 610 and the server 620.
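The FIG. 5 and FIG. 6 exchanges, together with the per-device access authorization list check, can be modelled as follows. This is an added example, not code from the patent: the class and function names, the control point ids, and the choice to expire the password after any comparison are assumptions, and direct method calls stand in for actions carried over the UPnP secure channel (DecryptAndExecute is not modelled).

```python
import hmac
import secrets


class SecureDevice:
    """Secure device holding a 'Secret' state variable behind an access authorization list."""

    def __init__(self, name, acl):
        self.name = name
        # Access authorization list: control point id -> set of allowed action names.
        self.acl = {cp: set(actions) for cp, actions in acl.items()}
        self._secret = None

    def _authorize(self, cp_id, action):
        # Control points absent from the list cannot invoke any action.
        if action not in self.acl.get(cp_id, set()):
            raise PermissionError(f"{cp_id} may not invoke {action} on {self.name}")

    def create_secret(self):
        """S501: the device creates its own one-time password."""
        self._secret = secrets.token_urlsafe(16)

    def get_secret(self, cp_id):
        """GetSecret: read the state variable (needs read access)."""
        self._authorize(cp_id, "GetSecret")
        if self._secret is None:
            raise LookupError("no one-time password is currently set")
        return self._secret

    def set_secret(self, cp_id, secret):
        """SetSecret: write the state variable (needs write access)."""
        self._authorize(cp_id, "SetSecret")
        self._secret = secret

    def forward_secret(self):
        """S504/S604: the client presents the password it was given."""
        return self._secret

    def authenticate_peer(self, presented):
        """S505/S605: compare once, then expire the password."""
        # Assumption: the password is consumed by any attempt, matching or not.
        expected, self._secret = self._secret, None
        if expected is None or presented is None:
            return False
        # Constant-time comparison avoids leaking how many characters matched.
        return hmac.compare_digest(expected.encode(), presented.encode())


def fig5_flow(cp_id, server, client):
    """Server-generated password relayed by the control point (FIG. 5)."""
    server.create_secret()                                     # S501
    secret = server.get_secret(cp_id)                          # S502
    client.set_secret(cp_id, secret)                           # S503
    return server.authenticate_peer(client.forward_secret())  # S504, S505


def fig6_flow(cp_id, server, client):
    """Control-point-generated password written to both devices (FIG. 6)."""
    secret = secrets.token_urlsafe(16)                         # S601
    server.set_secret(cp_id, secret)                           # S602
    client.set_secret(cp_id, secret)                           # S603
    return server.authenticate_peer(client.forward_secret())  # S604, S605


def demo():
    """Run both flows with minimal access authorization lists (constructed ids)."""
    cp = "cp-530"
    server = SecureDevice("server-520", {cp: {"GetSecret"}})
    client = SecureDevice("client-510", {cp: {"SetSecret"}})
    results = {"fig5": fig5_flow(cp, server, client)}
    # Presenting the same password again fails because it expired on first use.
    results["replay"] = server.authenticate_peer(client.forward_secret())
    try:
        server.get_secret("cp-unlisted")
        results["unlisted_denied"] = False
    except PermissionError:
        results["unlisted_denied"] = True
    # FIG. 6 needs SetSecret (write access) on both devices.
    server6 = SecureDevice("server-620", {"cp-630": {"SetSecret"}})
    client6 = SecureDevice("client-610", {"cp-630": {"SetSecret"}})
    results["fig6"] = fig6_flow("cp-630", server6, client6)
    return results


if __name__ == "__main__":
    print(demo())
```

The minimal lists used here correspond to the alternative the text describes, where only "GetSecret" or "SetSecret" is listed per device instead of full access.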

Thus, a secure channel may be established between control points and a plurality of devices via UPnP security, with authentication between two secure devices via the secure channel.

In one embodiment, an accessing method for providing access to a deviceconnected to a network comprises, in a first application, authenticatinga second application. The method also comprises, in the secondapplication, requesting an action on a secure service provided by thedevice, based on the authenticating of the second application in thefirst application.

The requesting an action on a secure service provided by the device maybe performed after the first application has assigned an accesspermission to the secure service provided by the device to the secondapplication. The action on a secure service provided by the device mayinclude reading a password created in the device. The device may be aserver device containing media files.

The method may further comprise expiring the password after a first use.The action on a secure service provided by the device may includewriting a password to the device, the password being generated by thesecond application or received from outside the network. The device maybe a server device containing media files or a client device requestingtransfer of the media files to the server device.

In another embodiment, an authenticating method between a first deviceand a second device comprises, in a security application, authenticatinga control application that conducts a control or inquiry action on thefirst device and the second device. The method also comprises, in thecontrol application, inquiring for a password created by the firstdevice and sending the password to the second device, based on theauthenticating of the control application. The method also comprises, inthe first device, comparing a password received from the second deviceagainst the password created by the first device, and authenticating thesecond device based on a result of the comparing of the passwords.

In yet another embodiment, an authenticating method between a firstdevice and a second device comprises, in a security application,authenticating a control application that conducts a control or inquiryaction on the first device and the second device. The method alsocomprises, in a control application, creating a password and sending thepassword to the first device and the second device based on theauthenticating of the control application. The method also comprises, inthe first device, comparing the password received from the controlapplication against a password received from the second device, andauthenticating the second device based on a result of the comparing ofthe passwords.

In still another embodiment, a networked apparatus including a plurality of devices comprises a first application configured to request a control or inquiry action on the plurality of devices or services provided by the plurality of devices, the first application running on one of the plurality of devices. The networked apparatus also comprises a second application communicatively coupled to the first application, configured to authenticate the first application, the second application running on one of the plurality of devices. The first application is configured to request an action on a secure service of a first device of the plurality of devices based on authentication information provided by the second application. The request of the action on the secure service by the first application may be performed after the second application assigns access permission to the secure service to the first application.

In yet another embodiment, a networked apparatus including a plurality of devices comprises a control application configured to request a control or inquiry action on at least one of the plurality of devices or at least one service provided by the at least one of the plurality of devices after being authenticated by a security application, and to create a first password. The networked apparatus also comprises a first device communicatively coupled to the control application, configured to create a second password. The networked apparatus also comprises a second device communicatively coupled to the first device, configured to receive the first password from the control application and to send the first password to the first device to request authentication. The first device authenticates the second device by determining whether or not the first password matches the second password.

In still another embodiment, a networked apparatus including a plurality of devices comprises a control application configured to request a control or inquiry action on at least one of the plurality of devices or at least one service provided by the at least one of the plurality of devices after being authenticated by a security application. The networked apparatus also comprises a first device communicatively coupled to the control application, configured to compare a password delivered from the control application through a password setting action of the control application against a password delivered from a second device, and to authenticate the second device based on a comparison result.

The present invention may provide access-controlling of each of a plurality of devices in an UPnP network by enabling grants of access permissions of the plurality of devices to a plurality of control points. The present invention also may provide establishment of a secure and reliable communication channel between two secure devices by enabling performance of authentication between the two secure devices using a strong secure channel between control points and devices. Furthermore, because a one-time password may be used in the authentication process, which may expire automatically after a first use, non-secure connections may be prevented even if the password is leaked.
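The embodiment in which an authorised control application reads a password created by the first device and relays it to the second device can be sketched as follows. This is an added illustration, not code from the patent; the class and method names (`SecurityApp`, `FirstDevice`, `read_password`, `authenticate_peer`) are hypothetical, and expiring the password on a failed attempt as well as a successful one is an assumption of this sketch.

```python
import hmac
import secrets


class SecurityApp:
    """Authenticates control applications and grants access to secure services."""
    def __init__(self):
        self._grants = set()  # (control_app_id, device_name) pairs

    def grant(self, cp_id, device_name):
        self._grants.add((cp_id, device_name))

    def is_permitted(self, cp_id, device_name):
        return (cp_id, device_name) in self._grants


class FirstDevice:
    """Server device: creates the password and authenticates the second device."""
    def __init__(self, name, security_app):
        self.name = name
        self._sec = security_app
        self._otp = None

    def read_password(self, cp_id):
        # Secure-service action: only a permitted control application may read.
        if not self._sec.is_permitted(cp_id, self.name):
            raise PermissionError("control application not authorised")
        self._otp = secrets.token_urlsafe(16)
        return self._otp

    def authenticate_peer(self, presented):
        # Expire on first use (assumption: a failed attempt also consumes it).
        expected, self._otp = self._otp, None
        if expected is None:
            return False
        # Constant-time comparison avoids leaking a prefix match through timing.
        return hmac.compare_digest(expected.encode(), presented.encode())


def run_exchange():
    sec = SecurityApp()
    server = FirstDevice("media-server", sec)   # constructed sample names
    sec.grant("cp-1", server.name)
    otp = server.read_password("cp-1")          # control app reads the password
    first = server.authenticate_peer(otp)       # second device presents it
    replay = server.authenticate_peer(otp)      # same value presented again later
    try:
        server.read_password("cp-rogue")        # control app without a grant
        rogue_blocked = False
    except PermissionError:
        rogue_blocked = True
    return first, replay, rogue_blocked
```

`run_exchange()` returns `(True, False, True)`: the first presentation authenticates the second device, a later presentation of the same password is rejected because it has expired, and a control application without an assigned permission cannot read the password at all.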

It will be apparent to those skilled in the art that various modifications and variations may be made in the present invention without departing from the spirit or scope of the inventions. Thus, it is intended that the present invention covers the modifications and variations of this invention provided they come within the scope of the appended claims and their equivalents.

1. An accessing method for providing access to a device connected to a network, the method comprising: in a first application, authenticating a second application; and in the second application, requesting an action on a secure service provided by the device, based on the authenticating of the second application in the first application.
2. The method of claim 1, wherein the requesting an action on a secure service provided by the device is performed after the first application has assigned an access permission to the second application to enable access to the secure service.
3. The method of claim 1, wherein the action on a secure service provided by the device comprises reading a password created in the device.
4. The method of claim 3, wherein the device is a server device containing media files.
5. The method of claim 3, further comprising expiring the password after a first use.
6. The method of claim 1, wherein the action on a secure service provided by the device comprises writing a password to the device, the password being generated by the second application or received from outside the network.
7. The method of claim 6, wherein the device is a server device containing media files or a client device requesting transfer of the media files to the server device.
8. The method of claim 6, further comprising expiring the password after a first use.
9. The method of claim 8, wherein the first application is a security application and the second application is a control application.
10. The method of claim 8, wherein the password expires automatically.
11. An authenticating method between a first device and a second device, comprising: in a first application, authenticating a second application that conducts a control or inquiry action on the first device; in the second application, requesting a password created by the first device and sending the password to the second device, based on the authenticating of the second application, and sending the password from the second device to the first device; and in the first device, receiving the password from the second device and comparing the password received from the second device against the password created by the first device, and authenticating the second device based on a result of the comparing of the passwords.
12. The method of claim 11, wherein the first device is a server device containing media files and the second device is a client device requesting transfer of the media files to the first device.
13. The method of claim 11, further comprising expiring the password created by the first device after a first use.
14. The method of claim 13, wherein the password expires automatically.
15. An authenticating method between a first device and a second device, comprising: in a first application, authenticating a second application that conducts a control or inquiry action on the first device; in the second application, creating a password and sending the password to the first device and the second device based on the authenticating of the second application; and in the first device, comparing the password received from the second application against a password received from the second device, and authenticating the second device based on a result of the comparing of the passwords.
16. The method of claim 15, wherein the first device is a server device containing media files and the second device is a client device requesting transfer of the media files to the first device.
17. The method of claim 15, further comprising expiring the password created in the control application after a first use.
18. The method of claim 17, wherein the password expires automatically.
19. A networked apparatus including a plurality of devices, comprising: a first application configured to request a control or inquiry action on one of the plurality of devices or services provided by the plurality of devices, the first application running on a first one of the plurality of devices; and a second application communicatively coupled to the first application, configured to authenticate the first application, the second application running on a second one of the plurality of devices, wherein the first application is configured to request an action on a secure service of a first device of the plurality of devices based on authentication information provided by the second application.
20. The networked apparatus of claim 19, wherein the request of the action on the secure service by the first application is performed after the second application assigns access permission to the secure service to the first application.
21. The networked apparatus of claim 19, wherein the action on the secure service comprises reading a password created in the first device.
22. The networked apparatus of claim 21, wherein the first device is a server device containing media files.
23. The networked apparatus of claim 21, wherein the password is configured to expire after a first use.
24. The networked apparatus of claim 23, wherein the password expires automatically.
25. The networked apparatus of claim 19, wherein the action on the secure service comprises writing a password to the first device, the password being created by the control application or received from outside a network to which the networked apparatus is connected.
26. The networked apparatus of claim 25, wherein the first device is a server device containing media files or a client device requesting transfer of the media files to a server device.
27. The networked apparatus of claim 26, wherein the password is configured to expire after a first use.
28. The networked apparatus of claim 27, wherein the password expires automatically.